Cognitive screen sharing with contextual awareness

ABSTRACT

A method for cognitive screen sharing protection is provided. The method may include, in determining a screen sharing session of a client computing device associated with a user has been initiated, receiving, by a processor, a plurality of pertinent state data associated with the client computing device. The method may also include assigning an initial binary status to at least one display window of at least one open application on the client computing device. The method may further include, in determining a change has occurred to the screen sharing session, updating each assigned binary status. The method may also include detecting an undesirable sharing situation on the client computing device based on the updated binary status of the at least one display window. The method may further include performing a precautionary action based on the detected undesirable sharing situation.

BACKGROUND

The present invention relates, generally, to the field of computing, andmore particularly to screen sharing.

Screen sharing is a modern computing technology that allows for remoteobservance of a user's display screen by other users. Screen sharing maybe utilized by users when engaged in various group activities, such asmeetings or presentations, or one-on-one user interactions, such asinformation technology support sessions. In some screen sharinginstances, the sharing user may allow a remote user to interact orcollaborate on the shared screen by granting permissions to the remoteuser.

SUMMARY

According to one embodiment, a method for cognitive screen sharingprotection is provided. The method may include, in determining a screensharing session of a client computing device associated with a user hasbeen initiated, receiving, by a processor, a plurality of pertinentstate data associated with the client computing device. The method mayalso include assigning an initial binary status to the screen sharingsession and at least one display window of at least one open applicationon the client computing device. The method may further include, indetermining a change has occurred to the screen sharing session,updating each assigned binary status. The method may also includedetecting an undesirable sharing situation on the client computingdevice based on the updated binary status. The method may furtherinclude performing a precautionary action based on the detectedundesirable sharing situation.

According to another embodiment, a computer system for cognitive screensharing protection is provided. The computer system may include one ormore processors, one or more computer-readable memories, one or morecomputer-readable tangible storage devices, and program instructionsstored on at least one of the one or more storage devices for executionby at least one of the one or more processors via at least one of theone or more memories, whereby the computer system is capable ofperforming a method. The method may include, in determining a screensharing session of a client computing device associated with a user hasbeen initiated, receiving a plurality of pertinent state data associatedwith the client computing device. The method may also include assigningan initial binary status to the screen sharing session and at least onedisplay window of at least one open application on the client computingdevice. The method may further include, in determining a change hasoccurred to the screen sharing session, updating each assigned binarystatus. The method may also include detecting an undesirable sharingsituation on the client computing device based on the updated binarystatus. The method may further include performing a precautionary actionbased on the detected undesirable sharing situation.

According to yet another embodiment, a computer program product forcognitive screen sharing protection is provided. The computer programproduct may include one or more computer-readable storage devices andprogram instructions stored on at least one of the one or more tangiblestorage devices, the program instructions executable by a processor. Thecomputer program product may include, in determining a screen sharingsession of a client computing device associated with a user has beeninitiated, program instructions to receive a plurality of pertinentstate data associated with the client computing device. The computerprogram product may also include program instructions to assign aninitial binary status to the screen sharing session and at least onedisplay window of at least one open application on the client computingdevice. The computer program product may further include, in determininga change has occurred to the screen sharing session, programinstructions to update each assigned binary status. The computer programproduct may also include program instructions to detect an undesirablesharing situation on the client computing device based on the updatedbinary status. The computer program product may further include programinstructions to perform a precautionary action based on the detectedundesirable sharing situation.

BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS

These and other objects, features and advantages of the presentinvention will become apparent from the following detailed descriptionof illustrative embodiments thereof, which is to be read in connectionwith the accompanying drawings. The various features of the drawings arenot to scale as the illustrations are for clarity in facilitating oneskilled in the art in understanding the invention in conjunction withthe detailed description. In the drawings:

FIG. 1 illustrates an exemplary networked computer environment accordingto at least one embodiment;

FIG. 2 is an operational flowchart illustrating a cognitive screenprotection process according to at least one embodiment;

FIG. 3 is a block diagram of internal and external components ofcomputers and servers depicted in FIG. 1 according to at least oneembodiment;

FIG. 4 depicts a cloud computing environment according to an embodimentof the present invention; and

FIG. 5 depicts abstraction model layers according to an embodiment ofthe present invention.

DETAILED DESCRIPTION

Detailed embodiments of the claimed structures and methods are disclosedherein; however, it can be understood that the disclosed embodiments aremerely illustrative of the claimed structures and methods that may beembodied in various forms. This invention may, however, be embodied inmany different forms and should not be construed as limited to theexemplary embodiments set forth herein. In the description, details ofwell-known features and techniques may be omitted to avoid unnecessarilyobscuring the presented embodiments.

Embodiments of the present invention relate to the field of computing,and more particularly to screen sharing. The following describedexemplary embodiments provide a system, method, and program product to,among other things, modify the content displayed during a user's sharedscreen session based on historical user information, meeting informationassociated with the current screen sharing session, and userinteractions by the screen sharing user that change the displayedinformation on the sharing user's computing device. Therefore, thepresent embodiment has the capacity to improve the technical field ofscreen sharing by cognitively learning specific information that viewersof a screen sharing session may not be authorized to observe andfiltering the confidential information (e.g. blocking a display windowfrom appearing) from the unauthorized viewers display.

As previously described, screen sharing is a modern computing technologythat allows for remote observance of a user's display screen by otherusers. Screen sharing may be utilized by users when engaged in variousgroup activities, such as meetings or presentations, or one-on-one userinteractions, such as information technology support sessions. In somescreen sharing instances, the sharing user may allow a remote user tointeract or collaborate on the shared screen by granting permissions tothe remote user.

In the modern communication ecosystem, the sharing of static materials,such as images or presentation decks by email, may frequently bereplaced by the ability of an individual to share, in real-time over anetwork, the current state of a computer display screen with anotherindividual. For example, a salesperson may share a computer screen withexecutives at a potential client organization in order to give areal-time product demonstration. Similarly, a researcher may collaboratewith team members, management, or external entities by presenting thelatest data results of an experiment. Additionally, a financialspecialist or chief executive officer may share earnings reports andother financial data with external investors.

In any context, the real-time transmission of a computer display screenprovides significant potential for accidental or otherwise unintendedtransmission of sensitive information. For example, during the course ofa real-time screen sharing session, an instant messaging client maypresent an incoming message to the foreground of the display,minimization or movement of a display window may reveal another runningapplication in the background, or failure to terminate a screen sharingsession after a meeting has completed may result in inadvertentbroadcast of subsequent computer usage activities and data. Inadvertenttransmission of information caused by the prevailing insecure screensharing protocols may be a common occurrence for some users. While, insome cases, such disclosure may be simply embarrassing, in othersituations, highly sensitive company data, such as confidential businessinformation, or confidential individual information, such as personalhealth information or personally identifiable information, may berevealed. As such, it may be advantageous to, among other things,implement a system that cognitively determines the individualsparticipating in a screen sharing session and the state of the sharinguser's device so highly sensitive information may be filtered from viewshould one or more viewers of the screen sharing session not beauthorized to observe the disclosed information, or should this sharingsimply not be desired by the presenter.

According to one embodiment, the content of a real-time screen sharingtransmission may be automatically controlled according to a model thatis based on historical user information (e.g., previous user actions)and meeting information (e.g., screen sharing session participants). Thepresent embodiment may be capable of tracking active materials within acomputer display (e.g., open or minimized program display windows),identify which active materials are currently being transmitted (e.g.,active program display windows in the foreground of a shared computerdisplay), and determine the specific metadata related to the screensharing session (e.g., number of participants and audio activity).Automatically controlling the screen sharing session may includeinterrupting the screen share, filtering the computer display contentsbeing shared, and terminating a screen sharing session without requiringuser intervention.

The present invention may be a system, a method, and/or a computerprogram product at any possible technical detail level of integration.The computer program product may include a computer readable storagemedium (or media) having computer readable program instructions thereonfor causing a processor to carry out aspects of the present invention.

The computer readable storage medium can be a tangible device that canretain and store instructions for use by an instruction executiondevice. The computer readable storage medium may be, for example, but isnot limited to, an electronic storage device, a magnetic storage device,an optical storage device, an electromagnetic storage device, asemiconductor storage device, or any suitable combination of theforegoing. A non-exhaustive list of more specific examples of thecomputer readable storage medium includes the following: a portablecomputer diskette, a hard disk, a random access memory (RAM), aread-only memory (ROM), an erasable programmable read-only memory (EPROMor Flash memory), a static random access memory (SRAM), a portablecompact disc read-only memory (CD-ROM), a digital versatile disk (DVD),a memory stick, a floppy disk, a mechanically encoded device such aspunch-cards or raised structures in a groove having instructionsrecorded thereon, and any suitable combination of the foregoing. Acomputer readable storage medium, as used herein, is not to be construedas being transitory signals per se, such as radio waves or other freelypropagating electromagnetic waves, electromagnetic waves propagatingthrough a waveguide or other transmission media (e.g., light pulsespassing through a fiber-optic cable), or electrical signals transmittedthrough a wire.

Computer readable program instructions described herein can bedownloaded to respective computing/processing devices from a computerreadable storage medium or to an external computer or external storagedevice via a network, for example, the Internet, a local area network, awide area network and/or a wireless network. The network may comprisecopper transmission cables, optical transmission fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers. A network adapter card or network interface in eachcomputing/processing device receives computer readable programinstructions from the network and forwards the computer readable programinstructions for storage in a computer readable storage medium withinthe respective computing/processing device.

Computer readable program instructions for carrying out operations ofthe present invention may be assembler instructions,instruction-set-architecture (ISA) instructions, machine instructions,machine dependent instructions, microcode, firmware instructions,state-setting data, configuration data for integrated circuitry, oreither source code or object code written in any combination of one ormore programming languages, including an object oriented programminglanguage such as Smalltalk, C++, or the like, and procedural programminglanguages, such as the “C” programming language or similar programminglanguages. The computer readable program instructions may executeentirely on the user's computer, partly on the user's computer, as astand-alone software package, partly on the user's computer and partlyon a remote computer or entirely on the remote computer or server. Inthe latter scenario, the remote computer may be connected to the user'scomputer through any type of network, including a local area network(LAN) or a wide area network (WAN), or the connection may be made to anexternal computer (for example, through the Internet using an InternetService Provider). In some embodiments, electronic circuitry including,for example, programmable logic circuitry, field-programmable gatearrays (FPGA), or programmable logic arrays (PLA) may execute thecomputer readable program instructions by utilizing state information ofthe computer readable program instructions to personalize the electroniccircuitry, in order to perform aspects of the present invention.

Aspects of the present invention are described herein with reference toflowchart illustrations and/or block diagrams of methods, apparatus(systems), and computer program products according to embodiments of theinvention. It will be understood that each block of the flowchartillustrations and/or block diagrams, and combinations of blocks in theflowchart illustrations and/or block diagrams, can be implemented bycomputer readable program instructions.

These computer readable program instructions may be provided to aprocessor of a general purpose computer, special purpose computer, orother programmable data processing apparatus to produce a machine, suchthat the instructions, which execute via the processor of the computeror other programmable data processing apparatus, create means forimplementing the functions/acts specified in the flowchart and/or blockdiagram block or blocks. These computer readable program instructionsmay also be stored in a computer readable storage medium that can directa computer, a programmable data processing apparatus, and/or otherdevices to function in a particular manner, such that the computerreadable storage medium having instructions stored therein comprises anarticle of manufacture including instructions which implement aspects ofthe function/act specified in the flowchart and/or block diagram blockor blocks.

The computer readable program instructions may also be loaded onto acomputer, other programmable data processing apparatus, or other deviceto cause a series of operational steps to be performed on the computer,other programmable apparatus or other device to produce a computerimplemented process, such that the instructions which execute on thecomputer, other programmable apparatus, or other device implement thefunctions/acts specified in the flowchart and/or block diagram block orblocks.

The flowchart and block diagrams in the Figures illustrate thearchitecture, functionality, and operation of possible implementationsof systems, methods, and computer program products according to variousembodiments of the present invention. In this regard, each block in theflowchart or block diagrams may represent a module, segment, or portionof instructions, which comprises one or more executable instructions forimplementing the specified logical function(s). In some alternativeimplementations, the functions noted in the blocks may occur out of theorder noted in the Figures. For example, two blocks shown in successionmay, in fact, be executed substantially concurrently, or the blocks maysometimes be executed in the reverse order, depending upon thefunctionality involved. It will also be noted that each block of theblock diagrams and/or flowchart illustration, and combinations of blocksin the block diagrams and/or flowchart illustration, can be implementedby special purpose hardware-based systems that perform the specifiedfunctions or acts or carry out combinations of special purpose hardwareand computer instructions.

The following described exemplary embodiments provide a system, method,and program product to create a model based on historical userinformation and meeting information that is capable of automaticallymodifying the contents of a computer display screen shared during ascreen sharing session.

Referring to FIG. 1, an exemplary networked computer environment 100 isdepicted, according to at least one embodiment. The networked computerenvironment 100 may include client computing device 102 and a server 112interconnected via a communication network 114. According to at leastone implementation, the networked computer environment 100 may include aplurality of client computing devices 102 and servers 112, of which onlyone of each is shown for illustrative brevity.

The communication network 114 may include various types of communicationnetworks, such as a wide area network (WAN), local area network (LAN), atelecommunication network, a wireless network, a public switched networkand/or a satellite network. The communication network 114 may includeconnections, such as wire, wireless communication links, or fiber opticcables. It may be appreciated that FIG. 1 provides only an illustrationof one implementation and does not imply any limitations with regard tothe environments in which different embodiments may be implemented. Manymodifications to the depicted environments may be made based on designand implementation requirements.

Client computing device 102 may include a processor 104 and a datastorage device 106 that is enabled to host and run a software program108 and a cognitive screen protection program 110A and communicate withthe server 112 via the communication network 114, in accordance with oneembodiment of the invention. Client computing device 102 may be, forexample, a mobile device, a telephone, a personal digital assistant, anetbook, a laptop computer, a tablet computer, a desktop computer, orany type of computing device capable of running a program and accessinga network. As will be discussed with reference to FIG. 3, the clientcomputing device 102 may include internal components 302 a and externalcomponents 304 a, respectively.

The server computer 112 may be a laptop computer, netbook computer,personal computer (PC), a desktop computer, or any programmableelectronic device or any network of programmable electronic devicescapable of hosting and running a cognitive screen protection program110B and a database 116 and communicating with the client computingdevice 102 via the communication network 114, in accordance withembodiments of the invention. As will be discussed with reference toFIG. 3, the server computer 112 may include internal components 302 band external components 304 b, respectively. The server 112 may alsooperate in a cloud computing service model, such as Software as aService (SaaS), Platform as a Service (PaaS), or Infrastructure as aService (IaaS). The server 112 may also be located in a cloud computingdeployment model, such as a private cloud, community cloud, publiccloud, or hybrid cloud.

According to the present embodiment, the cognitive screen protectionprogram 110A, 110B may be a program capable of analyzing pertinent statedata for a client computing device 102 and determining if anyundesirable data is depicted on the display screen which anyparticipants to a screen sharing session should not be able to view.Once undesirable data is identified, the cognitive screen protectionprogram 110A, 110B may be capable of performing a precautionary actionthat prevents the undesirable data from being observed by the screensharing session participants. The cognitive screen protection method isexplained in further detail below with respect to FIG. 2.

Referring now to FIG. 2, an operational flowchart illustrating acognitive screen protection process 200 is depicted according to atleast one embodiment. At 202, the cognitive screen protection program110A, 110B may receive pertinent state data associated with the clientcomputing device 102. The pertinent state data may include the currentfull content of the user's computer display screen, a complete list ofall active applications and display windows of each active application,the number of remote participants in the screen sharing session, thesharing user's audio communication history across the network 114, theother participants' audio communication history across the network 114,and the user's peripheral device activity history (e.g., mouse,keyboard, and web camera). With respect to the complete list of allactive applications and the display windows for each active application,the cognitive screen protection program 110A, 110B may also considerwhether a window is an active component on the user's computer display(e.g., where a current keyboard entry would be processed), whether thewindow is accessed in the construction of the display or simplyminimized in the system tray, the position and size of each applicationdisplay window, whether the window contains any elements oftransparency, and whether the window is specified by the user to be safefor transmission across the network 114.

Next, at 204, the cognitive screen protection program 110A, 110B mayassign an initial binary status to each display window of each openapplication. The cognitive screen protection program 110A, 110B may usethe assigned binary status to determine whether to display a displaywindow on the user's computer display during a screen sharing sessionwithout filtering any content depicted on the display window. The binarystatus may be a value determined by the sensitivity of the datadisplayed within a display window. For example, a display window with alow value binary status may be displayed to all participants of a screensharing session. Conversely, a display window with a high value binarystatus may not be viewed by any participants of a screen sharingsession. The cognitive screen protection program 110A, 110B maycalculate the binary status to be assigned to each display window usingthe received pertinent state data. Furthermore, the cognitive screenprotection program 110A, 110B may use machine learning techniques andrule-based methods to cognitively determine the binary status for eachdisplay window using the pertinent state data.

Additionally, the binary status may be used by the cognitive screenprotection program 110A, 110B to detect a situation in which any sharingwith screen sharing session participants is undesired, such as when thetime period for screen sharing has expired or terminated, the sharinguser is no longer paying attention to the screen share, and when screensharing was inadvertently commenced. The cognitive screen protectionprogram 110A, 110B may detect such situations through the pertinentstate data and as determined through machine learning and rules-basedtechniques. For example, the cognitive screen protection program 110A,110B may determine there is a sustained period of no incoming oroutgoing audio communication, a sustained period of no incomingcommunications, the sharing user is communicating with a third party notparticipating in the screen sharing session, a significant reduction inthe number of screen sharing session participants occurs, or the user'spresence is not detected by an input peripheral (e.g., a webcam does notdetect the user's face in a detection zone or a preconfigured period oftime has elapsed without mouse or keyboard interaction). In suchsituations, all display windows may be assigned a high value binarystatus and the screen sharing session may be terminated or all activedisplay windows may be filtered to remove highly sensitive content.

Furthermore, the binary status may be used by the cognitive screenprotection program 110A, 110B to detect a situation in which sharing ofa particular item depicted on the computer display is undesired, such aswhen a display window, either automatically or manually, comes to theforeground of the computer display that contains highly sensitive datato which the screen sharing session participants may not be privy.Similar to situations when the cognitive screen protection program 110A,110B determines any sharing is undesired, the cognitive screenprotection program 110A, 110B may detect a situation in which sharing ofa particular depicted item is undesired using the received pertinentstate data. For example, the cognitive screen protection program 110A,110B may determine the sharing of a particular depicted item isundesirable when a user receives an instant message notification from asupervisor that includes personally identifiable information for acoworker. The cognitive screen protection program 110A, 110B may assigna high value binary status to the instant message notification as itappears and filter the contents of the notification from the screensharing session participants view.

Then, at 206, the cognitive screen protection program 110A, 110B mayupdate each assigned binary status when a change to the screen sharingsession occurs. As the sharing user performs interactions with thegraphical user interface of the client computing device 102,participants join and leave the screen sharing session, and openapplications, such as software application 108, perform operations, theinformation displayed to the participants and the status of the screensharing session may change. For example, a severe decrease in the numberof participants may indicate the screen sharing session has ended butthe host user failed to terminate screen sharing. As such, the binarystatus of the display windows may be updated using the receivedpertinent status data.

Next, at 208, the cognitive screen protection program 110A, 110B maydetect an undesirable sharing situation on the client computing device102 based on the updated binary status for each window. For example, ifa display window originally received a low value binary status since nohighly sensitive information was present within the display window, thecognitive screen protection program 110A, 110B may not filter anyinformation within the display window and allow all screen sharingsession participants to view the displayed information. However, if thesharing user types confidential information into the originally lowvalue binary status display window, the cognitive screen protectionprogram 110A, 110B may recalculate the binary status of the displaywindow and assign a high value binary status that requires the displaywindow to be filtered from the screen sharing session participants view.The cognitive screen protection program 110A, 110B may detect theundesirable sharing situation through a variety of approaches, such asrule-based methods or machine learning methods.

Then, at 210, the cognitive screen protection program 110A, 110B mayperform a precautionary action based on the detected undesirable sharingsituation. Once the cognitive screen protection program 110A, 110Bdetermines an undesirable sharing situation has occurred, the cognitivescreen protection program 110A, 110B may automatically take apredetermined precautionary action without requiring user involvement.The precautionary action performed by the cognitive screen protectionprogram 110A, 110B may include terminating the screen sharing session,filtering the specific undesired content from the data being transmittedto participants of the screen sharing session, and pausing the screensharing session immediately prior to the undesirable sharing situationbeing transmitted to participants. The user may preconfigure preferencesrelated to the precautionary action by manually adjusting a settingsmenu in the cognitive screen protection program 110A, 110B.

If the cognitive screen protection program 110A, 110B filters theundesirable content prior to transmission to participants, thefiltration may be in the form of a single color-obscuring region beingoverlaid on a particular portion of a display window or the displayscreen. Such filtration of the undesired data may enable a real-timetransmission of the desired content to continue.

If the cognitive screen protection program 110A, 110B pauses the screensharing session, a static image rendering of the most recent displaystate prior to the undesired content's appearance may be transmitted toparticipants. Although real-time transmission of the desired content isprevented under this precautionary action, such action may be preferableto filtration of the undesired content when the undesired content isvery large in proportion to the entire display which may result in theentire filtration of the transmitted display. Similarly, pausing thetransmission may be preferable to filtration of undesirable content whenthe desired content is in a static state, such as during a slide showpresentation without animation or slide changes.

In at least one embodiment, the cognitive screen protection program110A, 110B may remove the performed precautionary action once theundesirable sharing situation has ended. For example, if the cognitivescreen protection program 110A, 110B filtered out an instant messagewindow containing highly sensitive information by overlaying the instantmessage display window with a black box, the cognitive screen protectionprogram 110A, 110B may remove the black box from the transmission toscreen sharing session participants when the sharing user exits orminimizes the instant message display window. Similarly, if thecognitive screen protection program 110A, 110B paused the screen sharingsession when the instant message was received, the cognitive screenprotection program 110A, 110B may resume the transmission toparticipants when the sharing user exits or minimizes the instantmessage display window.

It may be appreciated that FIG. 2 provides only an illustration of oneimplementation and does not imply any limitations with regard to howdifferent embodiments may be implemented. Many modifications to thedepicted environments may be made based on design and implementationrequirements. For example, the cognitive screen protection program 110A,110B may be capable of identifying each participant to the screensharing session and the privileges each participant holds in relation tothe host user. In the event undesirable information is presented on thehost user's display screen for transmission to participants, thecognitive screen protection program 110A, 110B may filter the undesiredinformation to participants not authorized to see such information butnot filter and transmit the information to participants authorized tosee such information, such as the host user's supervisor.

As a more detailed example of at least one embodiment, a user may join aweb conference in which various other users are already logged in. Theuser may initiate a screen sharing session to share the user's entirecomputer display. The cognitive screen protection program 110A, 110B mayobserve the screen sharing session has been requested and may observethe current status of the user's display as well as the pertinent dataof the meeting, such as the number of potential recipients of the data,the audio traffic, and the present duration of the meeting. Based onprevious instances of users choosing to allow transmission of webbrowsers at a very early stage in a meeting with little audiocommunication, the cognitive screen protection program 110A, 110B maypredict a very high likelihood of this transmission being desired andmay automatically permit the transmission of the browser rather thanblock the transmission as a user error in inadvertently selecting toscreen share. The recipients then begin to receive a transmission of theuser's view of the web meeting.

During the course of the meeting, the user may minimize the full screenbrowser window revealing numerous screen contents, such as a slide showpresentation which is the active display component, a portion of theuser's email inbox, and a portion of the computer desktop. Based on thisuser action and the pertinent data, the cognitive screen protectionprogram 110A, 110B may predict a low likelihood of desired transmissionfor the desktop and user's email inbox and may create a local copy ofthe user's display where these components have been obscured by a solidcolor. The cognitive screen protection program 110A, 110B may provide abutton in the sharing user's display that is visible only to the sharinguser, which indicates that these components of the display are not beingtransmitted to screen share participants. However, the cognitive screenprotection program 110A, 110B may allow the sharing user to overrule thedecision and begin transmission of the components. In this process, therecipients observe a smooth transition from the full screen web browserto the modified version of the user's display that includes a slide showpresentation as the active display component surrounded by solid color.

Thereafter, the sharing user may instruct the slide show presentationsoftware to begin full screen presentation mode. The cognitive screenprotection program 110A, 110B may process the new content of the displayand update the pertinent state data concerning the meeting and maypredict a very high likelihood of this being information desired fortransmission. Therefore, the cognitive screen protection program 110A,110B may take no action and the recipients may begin to receive thetransmission of the presentation.

During the presentation, a viewer of the screen sharing session may aska question to the sharing user. The sharing user may switch the focus ofthe display from the presentation to a text editor that allows the userto type and review notes. The cognitive screen protection program 110A,110B may parse the pertinent data, particularly the change in audiotraffic status and screen content, to determine if a moderate likelihoodexists that the sharing user intends for the text editor to betransmitted to viewing users. If the cognitive screen protection program110A, 110B determines the likelihood is too low for automatictransmission to the viewing users, the cognitive screen protectionprogram 110A, 110B may transmit a static image of the previous state ofthe sharing user's screen (i.e., the slide show presentation). Thecognitive screen protection program 110A, 110B may display a button onthe graphical user interface of the sharing user's client computingdevice 102 that is only visible to the sharing user and allows thesharing user the option to transmit the text editor display window tothe viewing users.

Additionally, before answering the viewer's question, the sharing usermay switch focus again to a spreadsheet that contains evidentiaryinformation helpful to answering the viewer's question. The cognitivescreen protection program 110A, 110B may process the situation anddetermine a moderate likelihood that the sharing user intends totransmit the data contained within the spreadsheet. Therefore, thecognitive screen protection program 110A, 110B may continue to transmita static image of the presentation rather than the image of thespreadsheet. However, when the cognitive screen protection program 110A,110B presents the user with a dialog box allowing the user to overridethe automatic decision to not transmit the spreadsheet window to theviewing users, the sharing user may decide to override the automaticdecision and transmit the current view of the sharing user's display.

Once the static image is overridden, the cognitive screen protectionprogram 110A, 110B may transmit the sharing user's display containingthe spreadsheet window surrounded by a solid color so as to block anysensitive information contained within the window. The user may decidethat the information within the spreadsheet window is safe fortransmission to viewing users and override the obscuration of thespreadsheet presentation. The user decisions to override the spreadsheetobscuration are tracked and analyzed by the cognitive screen protectionprogram 110A, 110B through known machine learning techniques that allowthe cognitive screen protection program 110A, 110B to determine futureuser interactions that may warrant protection.

Then, at the end of the sharing user's presentation, the sharing usermay not terminate the screen sharing session. However, the cognitivescreen protection program 110A, 110B may detect a change in the audiotransmissions and a sharp drop in the number of viewers as viewing usersleave the session. If the cognitive screen protection program 110A, 110Bdetects the sharing user change the display to focus on the sharinguser's email inbox, the cognitive screen protection program 110A, 110Bmay determine that the screen sharing session should be terminated sincethere is a high likelihood that the meeting for which the screen sharingsession was initiated has concluded. Additionally, the cognitive screenprotection program 110A, 110B may present the sharing user with a dialogbox that allows the sharing user to override the screen sharing sessiontermination determination should the decision to end the screen sharingsession by the cognitive screen protection program 110A, 110B beincorrect.

FIG. 3 is a block diagram 300 of internal and external components of theclient computing device 102 and the server 112 depicted in FIG. 1 inaccordance with an embodiment of the present invention. It should beappreciated that FIG. 3 provides only an illustration of oneimplementation and does not imply any limitations with regard to theenvironments in which different embodiments may be implemented. Manymodifications to the depicted environments may be made based on designand implementation requirements.

The data processing system 302, 304 is representative of any electronicdevice capable of executing machine-readable program instructions. Thedata processing system 302, 304 may be representative of a smart phone,a computer system, PDA, or other electronic devices. Examples ofcomputing systems, environments, and/or configurations that mayrepresented by the data processing system 302, 304 include, but are notlimited to, personal computer systems, server computer systems, thinclients, thick clients, hand-held or laptop devices, multiprocessorsystems, microprocessor-based systems, network PCs, minicomputersystems, and distributed cloud computing environments that include anyof the above systems or devices.

The client computing device 102 and the server 112 may includerespective sets of internal components 302 a,b and external components304 a,b illustrated in FIG. 3. Each of the sets of internal components302 include one or more processors 320, one or more computer-readableRAMs 322, and one or more computer-readable ROMs 324 on one or morebuses 326, and one or more operating systems 328 and one or morecomputer-readable tangible storage devices 330. The one or moreoperating systems 328, the software program 108 and the cognitive screenprotection program 110A in the client computing device 102, and thecognitive screen protection program 110B in the server 112 are stored onone or more of the respective computer-readable tangible storage devices330 for execution by one or more of the respective processors 320 viaone or more of the respective RAMs 322 (which typically include cachememory). In the embodiment illustrated in FIG. 3, each of thecomputer-readable tangible storage devices 330 is a magnetic diskstorage device of an internal hard drive. Alternatively, each of thecomputer-readable tangible storage devices 330 is a semiconductorstorage device such as ROM 324, EPROM, flash memory or any othercomputer-readable tangible storage device that can store a computerprogram and digital information.

Each set of internal components 302 a,b also includes a R/W drive orinterface 332 to read from and write to one or more portablecomputer-readable tangible storage devices 338 such as a CD-ROM, DVD,memory stick, magnetic tape, magnetic disk, optical disk orsemiconductor storage device. A software program, such as the cognitivescreen protection program 110A, 110B, can be stored on one or more ofthe respective portable computer-readable tangible storage devices 338,read via the respective R/W drive or interface 332, and loaded into therespective hard drive 330.

Each set of internal components 302 a,b also includes network adaptersor interfaces 336 such as a TCP/IP adapter cards, wireless Wi-Fiinterface cards, or 3G or 4G wireless interface cards or other wired orwireless communication links. The software program 108 and the cognitivescreen protection program 110A in the client computing device 102 andthe cognitive screen protection program 110B in the server 112 can bedownloaded to the client computing device 102 and the server 112 from anexternal computer via a network (for example, the Internet, a local areanetwork or other, wide area network) and respective network adapters orinterfaces 336. From the network adapters or interfaces 336, thesoftware program 108 and the cognitive screen protection program 110A inthe client computing device 102 and the cognitive screen protectionprogram 110B in the server 112 are loaded into the respective hard drive330. The network may comprise copper wires, optical fibers, wirelesstransmission, routers, firewalls, switches, gateway computers and/oredge servers.

Each of the sets of external components 304 a,b can include a computerdisplay monitor 344, a keyboard 342, and a computer mouse 334. Externalcomponents 304 a,b can also include touch screens, virtual keyboards,touch pads, pointing devices, and other human interface devices. Each ofthe sets of internal components 302 a,b also includes device drivers 340to interface to computer display monitor 344, keyboard 342, and computermouse 334. The device drivers 340, R/W drive or interface 332, andnetwork adapter or interface 336 comprise hardware and software (storedin storage device 330 and/or ROM 324).

It is understood in advance that although this disclosure includes adetailed description on cloud computing, implementation of the teachingsrecited herein are not limited to a cloud computing environment. Rather,embodiments of the present invention are capable of being implemented inconjunction with any other type of computing environment now known orlater developed.

Cloud computing is a model of service delivery for enabling convenient,on-demand network access to a shared pool of configurable computingresources (e.g. networks, network bandwidth, servers, processing,memory, storage, applications, virtual machines, and services) that canbe rapidly provisioned and released with minimal management effort orinteraction with a provider of the service. This cloud model may includeat least five characteristics, at least three service models, and atleast four deployment models.

Characteristics are as follows:

On-demand self-service: a cloud consumer can unilaterally provisioncomputing capabilities, such as server time and network storage, asneeded automatically without requiring human interaction with theservice's provider.

Broad network access: capabilities are available over a network andaccessed through standard mechanisms that promote use by heterogeneousthin or thick client platforms (e.g., mobile phones, laptops, and PDAs).

Resource pooling: the provider's computing resources are pooled to servemultiple consumers using a multi-tenant model, with different physicaland virtual resources dynamically assigned and reassigned according todemand. There is a sense of location independence in that the consumergenerally has no control or knowledge over the exact location of theprovided resources but may be able to specify location at a higher levelof abstraction (e.g., country, state, or datacenter).

Rapid elasticity: capabilities can be rapidly and elasticallyprovisioned, in some cases automatically, to quickly scale out andrapidly released to quickly scale in. To the consumer, the capabilitiesavailable for provisioning often appear to be unlimited and can bepurchased in any quantity at any time.

Measured service: cloud systems automatically control and optimizeresource use by leveraging a metering capability at some level ofabstraction appropriate to the type of service (e.g., storage,processing, bandwidth, and active user accounts). Resource usage can bemonitored, controlled, and reported providing transparency for both theprovider and consumer of the utilized service.

Service Models are as follows:

Software as a Service (SaaS): the capability provided to the consumer isto use the provider's applications running on a cloud infrastructure.The applications are accessible from various client devices through athin client interface such as a web browser (e.g., web-based email). Theconsumer does not manage or control the underlying cloud infrastructureincluding network, servers, operating systems, storage, or evenindividual application capabilities, with the possible exception oflimited user-specific application configuration settings.

Platform as a Service (PaaS): the capability provided to the consumer isto deploy onto the cloud infrastructure consumer-created or acquiredapplications created using programming languages and tools supported bythe provider. The consumer does not manage or control the underlyingcloud infrastructure including networks, servers, operating systems, orstorage, but has control over the deployed applications and possiblyapplication hosting environment configurations.

Infrastructure as a Service (IaaS): the capability provided to theconsumer is to provision processing, storage, networks, and otherfundamental computing resources where the consumer is able to deploy andrun arbitrary software, which can include operating systems andapplications. The consumer does not manage or control the underlyingcloud infrastructure but has control over operating systems, storage,deployed applications, and possibly limited control of select networkingcomponents (e.g., host firewalls).

Deployment Models are as follows:

Private cloud: the cloud infrastructure is operated solely for anorganization. It may be managed by the organization or a third party andmay exist on-premises or off-premises.

Community cloud: the cloud infrastructure is shared by severalorganizations and supports a specific community that has shared concerns(e.g., mission, security requirements, policy, and complianceconsiderations). It may be managed by the organizations or a third partyand may exist on-premises or off-premises.

Public cloud: the cloud infrastructure is made available to the generalpublic or a large industry group and is owned by an organization sellingcloud services.

Hybrid cloud: the cloud infrastructure is a composition of two or moreclouds (private, community, or public) that remain unique entities butare bound together by standardized or proprietary technology thatenables data and application portability (e.g., cloud bursting forload-balancing between clouds).

A cloud computing environment is service oriented with a focus onstatelessness, low coupling, modularity, and semantic interoperability.At the heart of cloud computing is an infrastructure comprising anetwork of interconnected nodes.

Referring now to FIG. 4, illustrative cloud computing environment 50 isdepicted. As shown, cloud computing environment 50 comprises one or morecloud computing nodes 100 with which local computing devices used bycloud consumers, such as, for example, personal digital assistant (PDA)or cellular telephone 54A, desktop computer 54B, laptop computer 54C,and/or automobile computer system 54N may communicate. Nodes 100 maycommunicate with one another. They may be grouped (not shown) physicallyor virtually, in one or more networks, such as Private, Community,Public, or Hybrid clouds as described hereinabove, or a combinationthereof. This allows cloud computing environment 50 to offerinfrastructure, platforms and/or software as services for which a cloudconsumer does not need to maintain resources on a local computingdevice. It is understood that the types of computing devices 54A-N shownin FIG. 4 are intended to be illustrative only and that computing nodes100 and cloud computing environment 50 can communicate with any type ofcomputerized device over any type of network and/or network addressableconnection (e.g., using a web browser).

Referring now to FIG. 5, a set of functional abstraction layers 500provided by cloud computing environment 50 is shown. It should beunderstood in advance that the components, layers, and functions shownin FIG. 5 are intended to be illustrative only and embodiments of theinvention are not limited thereto. As depicted, the following layers andcorresponding functions are provided:

Hardware and software layer 60 includes hardware and softwarecomponents. Examples of hardware components include: mainframes 61; RISC(Reduced Instruction Set Computer) architecture based servers 62;servers 63; blade servers 64; storage devices 65; and networks andnetworking components 66. In some embodiments, software componentsinclude network application server software 67 and database software 68.

Virtualization layer 70 provides an abstraction layer from which thefollowing examples of virtual entities may be provided: virtual servers71; virtual storage 72; virtual networks 73, including virtual privatenetworks; virtual applications and operating systems 74; and virtualclients 75.

In one example, management layer 80 may provide the functions describedbelow. Resource provisioning 81 provides dynamic procurement ofcomputing resources and other resources that are utilized to performtasks within the cloud computing environment. Metering and Pricing 82provide cost tracking as resources are utilized within the cloudcomputing environment, and billing or invoicing for consumption of theseresources. In one example, these resources may comprise applicationsoftware licenses. Security provides identity verification for cloudconsumers and tasks, as well as protection for data and other resources.User portal 83 provides access to the cloud computing environment forconsumers and system administrators. Service level management 84provides cloud computing resource allocation and management such thatrequired service levels are met. Service Level Agreement (SLA) planningand fulfillment 85 provide pre-arrangement for, and procurement of,cloud computing resources for which a future requirement is anticipatedin accordance with an SLA.

Workloads layer 90 provides examples of functionality for which thecloud computing environment may be utilized. Examples of workloads andfunctions which may be provided from this layer include: mapping andnavigation 91; software development and lifecycle management 92; virtualclassroom education delivery 93; data analytics processing 94;transaction processing 95; and cognitive screen protection 96. Cognitivescreen protection 96 may relate to analyzing data pertinent to the stateof a user's client computing device 102 to determine when highlysensitive information is being displayed that should not be shared withviewers of a screen sharing session and taking preventative actions toprevent the sensitive information from being disseminated to the screensharing session viewers.

The descriptions of the various embodiments of the present inventionhave been presented for purposes of illustration, but are not intendedto be exhaustive or limited to the embodiments disclosed. Manymodifications and variations will be apparent to those of ordinary skillin the art without departing from the scope of the describedembodiments. The terminology used herein was chosen to best explain theprinciples of the embodiments, the practical application or technicalimprovement over technologies found in the marketplace, or to enableothers of ordinary skill in the art to understand the embodimentsdisclosed herein.

What is claimed is:
 1. A processor-implemented method for cognitivescreen sharing protection, the method comprising: in determining ascreen sharing session of a client computing device associated with auser has been initiated, receiving, by a processor, a plurality ofpertinent state data associated with the client computing device;assigning an initial binary status to the screen sharing session and atleast one display window of at least one open application on the clientcomputing device; in determining a change has occurred to the screensharing session, updating each assigned binary status; detecting anundesirable sharing situation on the client computing device based onthe updated binary status; and performing a precautionary action basedon the detected undesirable sharing situation.
 2. The method of claim 1,wherein the plurality of pertinent state data is selected from a groupconsisting of a plurality of current full content of a computer displayscreen of the client computing device, a complete list of a plurality ofactive applications, a plurality of display windows associated with eachof the plurality of active applications, a total number of a pluralityof remote participants in the screen sharing session, an audiocommunication history associated with the user across a network, anaudio communication history associated with the plurality of remoteparticipants across the network, and a peripheral device activityhistory associated with the user.
 3. The method of claim 1, wherein thechange to the screen sharing session is selected from a group consistingof a plurality of user interactions with a graphical user interface ofthe client computing device, a plurality of participants join the screensharing session, a plurality of participants leave the screen sharingsession, an application on the client computing device is opened, anapplication on the client computing device is closed, an application onthe client computing device is minimized, and a plurality of informationdepicted on a display window of an application is changed.
 4. The methodof claim 1, wherein the precautionary action is selected from a groupconsisting of terminating the screen sharing session, filtering aplurality of undesired content from being transmitted to a plurality ofparticipants of the screen sharing session, and pausing the screensharing session immediately prior to the undesirable sharing situationbeing transmitted to the plurality of participants.
 5. The method ofclaim 1, further comprising: in determining the detected undesirablesharing situation is no longer present, removing the performedprecautionary action.
 6. The method of claim 1, further comprising:removing the performed precautionary action based on receiving aplurality of user interactions to override the performed precautionaryaction.
 7. The method of claim 4, wherein filtering the plurality ofundesired content includes overlaying the plurality of undesired contentwith a single color-obscuring region.
 8. A computer system for cognitivescreen sharing protection, the computer system comprising: one or moreprocessors, one or more computer-readable memories, one or morecomputer-readable tangible storage medium, and program instructionsstored on at least one of the one or more tangible storage medium forexecution by at least one of the one or more processors via at least oneof the one or more memories, wherein the computer system is capable ofperforming a method comprising: in determining a screen sharing sessionof a client computing device associated with a user has been initiated,receiving a plurality of pertinent state data associated with the clientcomputing device; assigning an initial binary status to the screensharing session and at least one display window of at least one openapplication on the client computing device; in determining a change hasoccurred to the screen sharing session, updating each assigned binarystatus; detecting an undesirable sharing situation on the clientcomputing device based on the updated binary status; and performing aprecautionary action based on the detected undesirable sharingsituation.
 9. The computer system of claim 8, wherein the plurality ofpertinent state data is selected from a group consisting of a pluralityof current full content of a computer display screen of the clientcomputing device, a complete list of a plurality of active applications,a plurality of display windows associated with each of the plurality ofactive applications, a total number of a plurality of remoteparticipants in the screen sharing session, an audio communicationhistory associated with the user across a network, an audiocommunication history associated with the plurality of remoteparticipants across the network, and a peripheral device activityhistory associated with the user.
 10. The computer system of claim 8,wherein the change to the screen sharing session is selected from agroup consisting of a plurality of user interactions with a graphicaluser interface of the client computing device, a plurality ofparticipants join the screen sharing session, a plurality ofparticipants leave the screen sharing session, an application on theclient computing device is opened, an application on the clientcomputing device is closed, an application on the client computingdevice is minimized, and a plurality of information depicted on adisplay window of an application is changed.
 11. The computer system ofclaim 8, wherein the precautionary action is selected from a groupconsisting of terminating the screen sharing session, filtering aplurality of undesired content from being transmitted to a plurality ofparticipants of the screen sharing session, and pausing the screensharing session immediately prior to the undesirable sharing situationbeing transmitted to the plurality of participants.
 12. The computersystem of claim 8, further comprising: in determining the detectedundesirable sharing situation is no longer present, removing theperformed precautionary action.
 13. The computer system of claim 8,further comprising: removing the performed precautionary action based onreceiving a plurality of user interactions to override the performedprecautionary action.
 14. The computer system of claim 11, whereinfiltering the plurality of undesired content includes overlaying theplurality of undesired content with a single color-obscuring region. 15.A computer program product for cognitive screen sharing protection, thecomputer program product comprising: one or more computer-readabletangible storage medium and program instructions stored on at least oneof the one or more tangible storage medium, the program instructionsexecutable by a processor, the program instructions comprising: indetermining a screen sharing session of a client computing deviceassociated with a user has been initiated, program instructions toreceive a plurality of pertinent state data associated with the clientcomputing device; program instructions to assign an initial binarystatus to the screen sharing session and at least one display window ofat least one open application on the client computing device; indetermining a change has occurred to the screen sharing session, programinstructions to update each assigned binary status; program instructionsto detect an undesirable sharing situation on the client computingdevice based on the updated binary status; and program instructions toperform a precautionary action based on the detected undesirable sharingsituation.
 16. The computer program product of claim 15, wherein theplurality of pertinent state data is selected from a group consisting ofa plurality of current full content of a computer display screen of theclient computing device, a complete list of a plurality of activeapplications, a plurality of display windows associated with each of theplurality of active applications, a total number of a plurality ofremote participants in the screen sharing session, an audiocommunication history associated with the user across a network, anaudio communication history associated with the plurality of remoteparticipants across the network, and a peripheral device activityhistory associated with the user.
 17. The computer program product ofclaim 15, wherein the change to the screen sharing session is selectedfrom a group consisting of a plurality of user interactions with agraphical user interface of the client computing device, a plurality ofparticipants join the screen sharing session, a plurality ofparticipants leave the screen sharing session, an application on theclient computing device is opened, an application on the clientcomputing device is closed, an application on the client computingdevice is minimized, and a plurality of information depicted on adisplay window of an application is changed.
 18. The computer programproduct of claim 15, wherein the precautionary action is selected from agroup consisting of terminating the screen sharing session, filtering aplurality of undesired content from being transmitted to a plurality ofparticipants of the screen sharing session, and pausing the screensharing session immediately prior to the undesirable sharing situationbeing transmitted to the plurality of participants.
 19. The computerprogram product of claim 15, further comprising: in determining thedetected undesirable sharing situation is no longer present, programinstructions to remove the performed precautionary action.
 20. Thecomputer program product of claim 15, further comprising: programinstructions to remove the performed precautionary action based onreceiving a plurality of user interactions to override the performedprecautionary action.